Cyber Attack and Defense Emulation Agents
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Yoo, Jeong Do | - |
dc.contributor.author | Park, Eunji | - |
dc.contributor.author | Lee, Gyungmin | - |
dc.contributor.author | Ahn, Myung Kil | - |
dc.contributor.author | Kim, Donghwa | - |
dc.contributor.author | Seo, Seongyun | - |
dc.contributor.author | Kim, Huy Kang | - |
dc.date.accessioned | 2021-08-31T08:37:40Z | - |
dc.date.available | 2021-08-31T08:37:40Z | - |
dc.date.created | 2021-06-19 | - |
dc.date.issued | 2020-03 | - |
dc.identifier.issn | 2076-3417 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/57399 | - |
dc.description.abstract | As the scale of the system and network grows, IT infrastructure becomes more complex and hard to be managed. Many organizations have a serious problem to manage their system and network security. In addition, vulnerabilities of hardware and software are increasing in number rapidly. In such a complex IT environment, security administrators need more practical and automated threat assessment methods to reduce their manual tasks. Adversary emulation based automated assessment is one of the solutions to solve the aforementioned problems because it helps to discover the attack paths and vulnerabilities to be exploited. However, it is still inefficient to perform the adversary emulation because adversary emulation requires well-designed attack scenarios created by security experts. Besides, a manual-based penetration test cannot be frequently performed. To overcome this limitation, we propose an adversary emulation framework composed of the red team and blue team agent. The red team agent carries out automated attacks based on the automatically generated scenarios by the proposed framework. The blue team agent deploys defense measures to react to the red team agent's attack patterns. To test our framework, we test multiple attack scenarios on remote servers that have various vulnerable software. In the experiment, we show the red team agent can gain an administrator's privilege from the remote side when the blue team agent's intervention is not enabled. The blue team agent can successfully block the red team's incoming attack when enabled. As a result, we show our proposed framework is beneficial to support routine threat assessment from the adversary's perspective. It will be useful for security administrators to make security defense strategy based on the test results. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | MDPI | - |
dc.title | Cyber Attack and Defense Emulation Agents | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Kim, Huy Kang | - |
dc.identifier.doi | 10.3390/app10062140 | - |
dc.identifier.scopusid | 2-s2.0-85082719474 | - |
dc.identifier.wosid | 000529252800241 | - |
dc.identifier.bibliographicCitation | APPLIED SCIENCES-BASEL, v.10, no.6 | - |
dc.relation.isPartOf | APPLIED SCIENCES-BASEL | - |
dc.citation.title | APPLIED SCIENCES-BASEL | - |
dc.citation.volume | 10 | - |
dc.citation.number | 6 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Chemistry | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalResearchArea | Materials Science | - |
dc.relation.journalResearchArea | Physics | - |
dc.relation.journalWebOfScienceCategory | Chemistry, Multidisciplinary | - |
dc.relation.journalWebOfScienceCategory | Engineering, Multidisciplinary | - |
dc.relation.journalWebOfScienceCategory | Materials Science, Multidisciplinary | - |
dc.relation.journalWebOfScienceCategory | Physics, Applied | - |
dc.subject.keywordAuthor | adversary emulation | - |
dc.subject.keywordAuthor | agent modeling | - |
dc.subject.keywordAuthor | automated agent | - |
dc.subject.keywordAuthor | blue-teaming | - |
dc.subject.keywordAuthor | red-teaming | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
145 Anam-ro, Seongbuk-gu, Seoul, 02841, Korea+82-2-3290-2963
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.